4 Things Hackers Hate

Just like common burglars seeking an open window or unlocked car, hackers are looking for an easy mark. Time to do the things hackers hate!

Sure – some of them are going after Sony, Home Depot, and TJ Maxx – but the most profitable targets are small and medium-sized businesses.

Most smaller companies have lots of data which requires protection, but haven’t yet fully employed good security measures. Bingo!

Keep Your Secrets… well… SECRET!

I’m not saying you’re hiding anything, but – maybe you should be! Passwords can really make your day, can’t they? And these days, EVERYTHING has a password. Whatever you do, DO NOT use the same password for several accounts across the internet. That’s asking for trouble.

A better option? Use a Password Manager! You set a Master Password, memorize it, and don’t worry about any others! Once you’ve logged in to your PW Manager, you can access entries for all your logins – banking, insurance, investment, email, anything you need! And your passwords can all be different and very complex – which makes your IT guy happy!

My PW Manager is loaded on my work PC, laptop, and my phone. This way, I can easily access my passwords anytime, anywhere. Take THAT, hackers! (**more about password managers)

Only Take What You Need

If a staff member is hired to answer incoming calls and set appointments, should she have access to your QuickBooks file? Of course not! Similarly, NO staff members should have access to the Administrator functions of your business server or network! Sure, there should be Administrator access for periodic Admin functions and updates, but not for everyday use.

All staff should have USER accounts with access to ONLY those functions, areas, and programs that are required for their job function. (**HIPAA and FINRA requirement)

Choose Passwords Wisely

‘Your password expires in 10 days.’ Somehow, my computer typically forces me to change it on a Friday. I struggle to come up with a new password I THINK I can remember, and change it. Then Monday morning rolls around and I can’t get logged in. Then I recall I changed the darned thing Friday. What was that new password again?

Think back to Jr. High math class and probabilities. (Relax – it’s okay – there isn’t going to be a test.) The greater the character set (numbers, uppercase, lowercase, special characters) and the greater the length, the more complex the password. Make your math teacher proud! (read more about strong passwords)

To secure your business network further, your IT team can set a password policy in your server. This will require a NEW password each time. For instance, it could require passwords to be a minimum of 8 characters, have uppercase, lowercase, a number, a special character, have no repeating characters, and a password you haven’t used in the last 5 password changes. Whew!

Work with your IT Team to find the best combination for your office. (**HIPAA and FINRA requirement)

Select a Smart Staff

This is where the rubber meets the road. The human link, your staff, is the most vulnerable. With training and a healthy culture, they can be a human firewall.

Teach your staff what cyber threats look like and how to avoid them. Your team can’t be on the lookout if they don’t even know what to look for! Make cybersecurity training a small part of your weekly staff meetings or company newsletters. This is a reality for today’s businesses. Don’t ignore it!

Lastly, make sure everyone knows exactly what to do in case of a cybersecurity event – who to call, how to handle the office, what to say to clients, etc.

Know what to look for!

By knowing where your office stands from a Risk Mitigation and Security standpoint, you’re already getting ahead of the crooks.

Take it one step further and plan on making just a few small changes each month. This action results in providing better protection of your client’s personal information and making your business stronger.

Make it tough on the hackers – do all of the Things that Hackers Hate!

These four items are all settings within your network which require a one-time setup. If your IT team isn’t able to make these changes, give us a call.

We are happy to help you and your company increase your cybersecurity.